Re: Firescrolling [Firefox 1.0]
From: Brian Bergin (ntbugtraq.nospam.1_at_TERABYTE.NET)
Date: 02/25/05
- Previous message: Russ: "Re: Hidden Applications and rootkits for Windows"
- In reply to: mikx: "Firescrolling [Firefox 1.0]"
- Next in thread: Russ: "Re: Firescrolling [Firefox 1.0]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 25 Feb 2005 11:29:16 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
At 03:10 25-02-05 Friday, you wrote:
>Remember my Internet Explorer "scrollbar exploit" based on http-equiv's
>"What a Drag"? When will people ever learn that "unusual user interaction"
>can be hidden by common tasks...
>
>Let's combine fireflashing, firetabbing, xul and javascript to run arbitrary
>code by dragging a scrollbar two times.
>
>__Proof-of-Concept
>
>http://www.mikx.de/firescrolling/
>
>__Status
>
>The exploit is based on multiple vulnerabilities:
>
>bugzilla.mozilla.org #280664 (fireflashing)
>bugzilla.mozilla.org #280056 (firetabbing)
>bugzilla.mozilla.org #281807 (firescrolling)
>
>Upgrade to Firefox 1.0.1 or disable javascript.
>
>The Common Vulnerabilities and Exposures project (cve.mitre.org) has
>assigned the name CAN-2005-0527 to this issue.
Mozilla has apparently decided to delay, to the detriment of its users, the
auto-update feature of Firefox 1.0 so that getting 1.0.1 out there, unless
someone actually looks for updates manually on mozilla.org, will be delayed
several days. These fixes have been a long time coming and to delay them
to the general user any longer is a disservice, IMHO.
I would encourage Mozilla to reconsider this delay and get the update out
there ASAP via the auto-update feature.
NOTE: Please reply to the list so others may benefit from your
thoughts. If you're concerned it may not make it to the list, please cc:
me on the reply.
Sincerely,
Terabyte Computers, Inc.
Brian S. Bergin
President
-- NTBugtraq Editor's Note: Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered. --
- Previous message: Russ: "Re: Hidden Applications and rootkits for Windows"
- In reply to: mikx: "Firescrolling [Firefox 1.0]"
- Next in thread: Russ: "Re: Firescrolling [Firefox 1.0]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
